diff --git a/docs/en/administration/Blacklist.md b/docs/en/administration/Blacklist.md index e9259c873f05e..142730893efaa 100644 --- a/docs/en/administration/Blacklist.md +++ b/docs/en/administration/Blacklist.md @@ -19,9 +19,9 @@ admin set frontend config ("enable_sql_blacklist" = "true") The admin user who has ADMIN_PRIV privileges can manage blacklists by executing the following commands: ~~~sql -ADD SQLBLACKLIST #sql# -DELETE SQLBLACKLIST #sql# -SHOW SQLBLACKLISTS +ADD SQLBLACKLIST "" +DELETE SQLBLACKLIST +SHOW SQLBLACKLISTS ~~~ * When `enable_sql_blacklist` is true, every SQL query needs to be filtered by sqlblacklist. If it matches, the user will be informed that theSQL is in the blacklist. Otherwise, the SQL will be executed normally. The message may be as follows when the SQL is blacklisted: @@ -31,10 +31,16 @@ SHOW SQLBLACKLISTS ## Add blacklist ~~~sql -ADD SQLBLACKLIST #sql# +ADD SQLBLACKLIST "" ~~~ -**#sql#** is a regular expression for a certain type of SQL. Since SQL itself contains the common characters `(`, `)`, `*`, `.` that may be mixed up with the semantics of regular expressions, so we need to distinguish those by using escape characters. Given that `(` and `)` are used too often in SQL, there is no need to use escape characters. Other special characters need to use the escape character `\` as a prefix. For example: +**sql** is a regular expression for a certain type of SQL. + +:::tip +Currently, StarRocks supports adding SELECT statements to the SQL Blacklist. +::: + +Since SQL itself contains the common characters `(`, `)`, `*`, `.` that may be mixed up with the semantics of regular expressions, so we need to distinguish those by using escape characters. Given that `(` and `)` are used too often in SQL, there is no need to use escape characters. Other special characters need to use the escape character `\` as a prefix. For example: * Prohibit `count(\*)`: @@ -88,13 +94,15 @@ The SQL shown in `Forbidden SQL` is escaped for all SQL semantic characters. ## Delete blacklist ~~~sql -DELETE SQLBLACKLIST #indexlist# +DELETE SQLBLACKLIST ~~~ -For example, delete the sqlblacklist 3 and 4 in the above blacklist: +`` is a list of SQL IDs separated by comma (,). + +For example, delete the No.3 and No.4 SQLs in the above blacklist: ~~~sql -delete sqlblacklist 3, 4; -- #indexlist# is a list of IDs separated by comma (,). +delete sqlblacklist 3, 4; ~~~ Then, the remaining sqlblacklist is as follows: diff --git a/docs/en/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md b/docs/en/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md index 613882efe6419..199f08d7af950 100644 --- a/docs/en/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md +++ b/docs/en/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md @@ -10,9 +10,12 @@ Adds a regular expression to the SQL blacklist to forbid certain SQL patterns. W For more about SQL Blacklist, see [Manage SQL Blacklist](../../../administration/Blacklist.md). -> **NOTE** -> -> Only users with the ADMIN privilege can add SQL regular expressions to the SQL blacklist. +:::tip + +- Only users with the ADMIN privilege can add SQL regular expressions to the SQL blacklist. +- Currently, StarRocks supports adding SELECT statements to the SQL Blacklist. + +::: ## Syntax diff --git a/docs/zh/administration/Blacklist.md b/docs/zh/administration/Blacklist.md index 6b626704009fa..4c469f8f89594 100644 --- a/docs/zh/administration/Blacklist.md +++ b/docs/zh/administration/Blacklist.md @@ -1,7 +1,7 @@ ---- -displayed_sidebar: "Chinese" ---- - +--- +displayed_sidebar: "Chinese" +--- + # 管理黑名单 本文介绍如何管理 SQL 黑名单 (SQL Blacklist)。 @@ -23,10 +23,16 @@ ADMIN SET FRONTEND CONFIG ("enable_sql_blacklist" = "true"); 通过以下命令添加 SQL 黑名单。 ```sql -ADD SQLBLACKLIST "sql"; +ADD SQLBLACKLIST ""; ``` -**"sql"**:某类 SQL 的正则表达式。由于 SQL 常用字符里面就包含 `(`、`)`、`*`、`.` 等字符,这些字符会和正则表达式中的语义混淆,因此在设置黑名单的时候需要通过转义符作出区分,鉴于 `(` 和 `)` 在SQL中使用频率过高,我们内部进行了处理,设置的时候不需要转义,其他特殊字符需要使用转义字符"\"作为前缀。 +**sql**:某类 SQL 的正则表达式。 + +:::tip +当前 StarRocks 支持将 SELECT 语句加入 SQL 黑名单。 +::: + +由于 SQL 常用字符里面就包含 `(`、`)`、`*`、`.` 等字符,这些字符会和正则表达式中的语义混淆,因此在设置黑名单的时候需要通过转义符作出区分,鉴于 `(` 和 `)` 在SQL中使用频率过高,我们内部进行了处理,设置的时候不需要转义,其他特殊字符需要使用转义字符"\"作为前缀。 示例: diff --git a/docs/zh/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md b/docs/zh/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md index d2da2419a6829..81378c40176ca 100644 --- a/docs/zh/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md +++ b/docs/zh/sql-reference/sql-statements/Administration/ADD_SQLBLACKLIST.md @@ -10,6 +10,12 @@ displayed_sidebar: "Chinese" 有关 SQL 黑名单的更多信息,请参阅 [管理 SQL 黑名单](../../../administration/Blacklist.md)。 +:::tip + +- 该操作需要 admin 角色。 +- 当前 StarRocks 支持将 SELECT 语句加入 SQL 黑名单。 +::: + ## 语法 ```SQL